The Royal Bank of Canada announced that it will combat fraud by combining card and biometric authentication with a PIN authentication via mobile apps for online payments. Canadians lost more than $300M to fraud in 2021, as compared to $80M in 2020.

Why should we care?
While the new measure functions in conjunction with more advanced technologies—biometrics among them—RBC sees the PIN as an old-school safeguard that clients are less likely to give away to scammers. Clients will be invited to verify e-commerce payments by typing their PIN on the bank’s mobile app. "We have had PINs for years. Consumers use them for all sorts of everyday transactions," said Peter Tilton, Chief Digital Officer at RBC. "A PIN is a well-known asset and not something that consumers are likely to share as much as other information." The PIN can also be used to reset passwords. Julie Conroy, Head of Risk Insights and Advisory for Aite-Novarica, thinks the measure is a step in the right direction, but still makes card users susceptible to “friendly fraud” by family members who know a client’s PIN. As e-commerce grows, we should expect other banks to incorporate traditional safeguards—and digitize them in the process.